General

  • Target

    2024-06-09_755986248d8615bab04ddde9cc7e809d_cryptolocker

  • Size

    59KB

  • Sample

    240609-ja64pagc94

  • MD5

    755986248d8615bab04ddde9cc7e809d

  • SHA1

    1b322408e2954462c3e895c994422ef3509ed381

  • SHA256

    255eec3808b9e9cfbfea43914fdf569f96e38c283a4f40bfde4586298f9c4e9b

  • SHA512

    8972c3e2acadbf64c0c2a2b2d95fa7fef2c562b978ae102527e777bb5950775b44d2e7af2d4dbc614cc5cc951aae512d4a3cddf46f5b01288cf529d17ad395e5

  • SSDEEP

    768:H6LsoEEeegiZPvEhHSG+gk5NQXtckstOOtEvwDpjhBaD3TUogs/VXpAPB3F:H6QFElP6n+gou9cvMOtEvwDpjCpVXYV

Score
10/10
upx

Malware Config

Targets

    • Target

      2024-06-09_755986248d8615bab04ddde9cc7e809d_cryptolocker

    • Size

      59KB

    • MD5

      755986248d8615bab04ddde9cc7e809d

    • SHA1

      1b322408e2954462c3e895c994422ef3509ed381

    • SHA256

      255eec3808b9e9cfbfea43914fdf569f96e38c283a4f40bfde4586298f9c4e9b

    • SHA512

      8972c3e2acadbf64c0c2a2b2d95fa7fef2c562b978ae102527e777bb5950775b44d2e7af2d4dbc614cc5cc951aae512d4a3cddf46f5b01288cf529d17ad395e5

    • SSDEEP

      768:H6LsoEEeegiZPvEhHSG+gk5NQXtckstOOtEvwDpjhBaD3TUogs/VXpAPB3F:H6QFElP6n+gou9cvMOtEvwDpjCpVXYV

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks